INTERNAL MEMO CALLS OVER-COLLECTION OF DATA PART OF
"PATTERN" SHOWING "INABILITY OF THE FBI TO MANAGE" FOREIGN
INTELLIGENCE WIRETAPS

WASHINGTON, DC -- An FBI anti-terrorism investigation possibly
involving Usama bin Laden was hampered by technical flaws in the
Bureau's controversial Carnivore Internet surveillance system. The
incident, which occurred in March 2000, is described in
newly-released FBI documents obtained under court order by the
Electronic Privacy Information Center (EPIC). A written report
describes the incident as part of a "pattern" indicating "an
inability on the part of the FBI to manage" its foreign
intelligence surveillance activities.

An internal FBI e-mail message dated April 5, 2000, and sent to
M. E. (Spike) Bowman, Associate General Counsel for National
Security Affairs, recounts how the Carnivore "software was turned
on and did not work correctly." The surveillance system captured
not only the electronic communications of the court-authorized
target, "but also picked up E-Mails on non-covered" individuals, a
violation of federal wiretap law. According to the Bureau
document, the "FBI technical person was apparently so upset that
he destroyed all the E-Mail take, including the take on [the
authorized target]."

The botched surveillance was performed by the FBI's
International Terrorism Operations Section (ITOS) and its "UBL
Unit," which refers to the government's official designation of
bin Laden. The Bureau document indicates that an official at the
Justice Department's Office of Intelligence Policy and Review
(whose name has been deleted) became aware of the problem, and "To
state that she is unhappy with ITOS and the UBL Unit would be an
understatement of incredible proportions."

The reported problem apparently was not the first to arise
during the course of FBI implementation of the Foreign
Intelligence Surveillance Act (FISA). The internal document
concludes its report of the "UBL Unit" incident by noting, "When
you add this story to the FISA mistakes covered in [another,
unreleased document], you have a pattern of occurrences which
indicate to OIPR an inability on the part of the FBI to manage its
FISAs."

Two Bureau documents written one week later discuss Carnivore's
tendency to cause "the improper capture of data," and note that
"[s]uch unauthorized interceptions not only can violate a
citizen's privacy but also can seriously 'contaminate' onging
investigations" and that such interceptions are "unlawful." An FBI
lawyer (whose name has been deleted) writes that the Bureau must
"go out of our way to avoid tripping over innocent third party
communications." The lawyer concludes, "I am not sure how we can
proceed to test [Carnivore] without inadvertently
intercepting the communications of others, but we really need to
try."

The Bureau lawyer notes that "missteps under FISA lead to
mandatory reporting to the President's Foreign Intelligence
Advisory Board, and such errancies must be
reported/explained/justified to Congress." The documents do not
indicate whether the "UBL Unit" incident was reported to either
body.

Since its existence became public in 2000, the Carnivore system
has been criticized by EPIC and other privacy groups, as well as
members of Congress, because it gives the FBI unprecedented,
direct access to the data networks of Internet service providers.
The FBI has publicly downplayed the system's potential for
over-collection of private communications, although internal
documents released earlier to EPIC confirmed such a risk. An
independent review of Carnivore commissioned by the Justice
Department also found that the system is capable of "broad sweeps"
and recommended technical changes to address the problem. Neither
DOJ nor the FBI has indicated publicly whether those
recommendations were ever implemented.

The newly-released FBI documents were provided to EPIC on
Friday, May 24, in response to a court order issued by U.S.
District Judge James Robertson in the privacy group's ongoing
Freedom of Information Act lawsuit seeking the disclosure of
material concerning Carnivore. The order directed the Bureau to
conduct a second search for relevant documents after EPIC
successfully argued (over the Bureau's objections) that an initial
FBI search was inadequate and likely overlooked responsive
records.

The case is being litigated by EPIC's General Counsel, David
Sobel, who said, "These documents confirm what many of us have
believed for two years -- Carnivore is a powerful but clumsy tool
that endangers the privacy of innocent American citizens. We have
now learned that its imprecision can also jeopardize important
investigations, including those involving terrorism." Sobel added,
"As we suggested when it first became public, Carnivore's use
should be suspended until the questions surrounding it finally can
be resolved. Our FOIA lawsuit shows that there's a great deal
about Carnivore that we still don't know."